Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

•A computer outage at the British Airways Terminal 7 in John F.
Kennedy Airport in New York caused several check-in delays due to Internet
issues that prevented passengers from completing online check-ins May 29. – Associated
Press

5. May 30,
Associated Press – (New York) Computer glitch resolved at JFK Airport after
massive delays. A computer outage at the British Airways Terminal 7 in John
F. Kennedy Airport in New York caused several check-in delays due to Internet
issues that prevented passengers from completing online check-ins and forced
thousands of passengers to wait in line for several hours May 29 to check-in
manually. Officials resolved the issue and had all computers up and running May
30. Source: http://www.greenwichtime.com/news/us/article/Computer-glitch-resolved-at-JFK-Airport-after-7952782.php

•Severe flooding May 27 in Texas and Kansas left six people dead,
prompted the evacuation of residents and approximately 2,600 inmates along the
Brazos River, and led to the closure of the Houston Ship Channel and a section
of the Neches River for several hours. –CNN

18. May 31,
CNN – (Texas; Kansas) Six dead after record-setting floods in
Texas, Kansas. Severe flooding caused by heavy rainfall May 27 in Texas and
Kansas left six people dead, prompted evacuation orders for residents along the
Brazos River in Fort Bend County, forced the evacuation and transfer of
approximately 2,600 inmates from two prisons along the river, and led to the
closure of the Houston Ship Channel and a section of the Neches River for
several hours. Source: http://www.cnn.com/2016/05/29/us/flooding-texas-kansas/index.html

• An Australian security researcher
found that a hacker under the online name,“peace_of_mind” posted the
information of 50 million Tumblr accounts on a darknet Website for a small sum
of money. – SecurityWeek See item 20 below in
the Information Technology Sector

• A Reddit spokesperson
reported May 26 that as a precaution, the company advised 100,000of its users
to reset their passwords after a security researcher detecting an increase
inaccount hijackings. – Softpedia See item 25below in the Information Technology Sector

Financial Services Sector

1. May 31,
South Florida Sun-Sentinel – (Florida) Bank robber called ‘Ball Cap
Bandit’ hunted by FBI. Authorities offered a reward May 31 in exchange for
information regarding a man dubbed the “Ball Cap Bandit,” who is suspected of
robbing nine Chase Bank branches in Palm Beach County, Broward County, and
Martin County, and one PNC Bank branch in Martin County since December 2015. Authorities
stated that the suspect should be considered armed and dangerous. Source: http://www.sun-sentinel.com/news/fl-ball-cap-bank-bandit-fbi-20160531-story.html

Information Technology Sector

20. May 31,
SecurityWeek – (International) 65 million users affected by Tumblr breach. Tumblr
officials reported that as a precaution, they have reset all their customers’
passwords after an Australian security researcher found that a hacker under the
online name, “peace_of_mind” posted the information of 50 million Tumblr
accounts on a darknet Web site called, “The Real Deal” for a small sum of
money. The same hacker was also seen selling millions of records of LinkedIn,
Fling.com, and Myspace users. Source: http://www.securityweek.com/65-million-users-affected-tumblr-breach

22. May 30,
SecurityWeek – (International) Recently patched OpenSSL flaw still plagues
top sites. An OpenSSL vulnerability previously patched in early May was
discovered unpatched on 19 percent of Alexa Top 10,000 Web sites after a
security researcher from High-Tech Bridge conducted an automated, non-intrusive
scan by searching for the use of Advanced Encryption Standard (AES) Cipher
Block Chaining (CBC) and by using custom OpenSSL code designed to check for the
vulnerability. Source: http://www.securityweek.com/recently-patched-openssl-flaw-still-plagues-top-sites

23. May 30,
IDG News Service – (International) WordPress plug-in flaw puts over 1M websites
at risk. Security researchers from Sucuri discovered a cross-site scripting
(XSS) vulnerability that affects all Jetpack versions starting with 2.0 and
released since 2012 after finding that the flaw was located in the Shortcode
Embeds Jetpack module and could allow an attacker to inject malicious
JavaScript code into the comments of external videos, images, documents,
tweets, and other resources. The flaw can be exploited to steal users’
authentication cookies, redirect victims to exploits, and inject search engine
optimization (SEO) spam. Source: http://www.computerworld.com/article/3076741/security/wordpress-plug-in-flaw-puts-over-1m-websites-at-risk.html#tk.rss_security

24. May 30,
Softpedia – (International) Ancient Bayrob backdoor trojan resurfaces
after nine years with updated versions. Security researchers discovered
that the Bayrob trojan, which was dormant for nine years, started reappearing
with new features including cloning techniques that allows the trojan to launch
multiple processes tasked with its own malicious routine, encrypt exfiltrated
information, and uses a custom protocol over Transmission Control Protocol/
Internet Protocol (TCP/IP) to communicate with its server.Source: http://news.softpedia.com/news/ancient-bayrob-backdoor-trojan-resurfaces-after-nine-years-with-updated-versions-504631.shtml

26. May 31,
Help Net Security – (International) Check Point finds dangerous vulnerabilities
in LG mobile devices. Security researchers from Check Point discovered two
vulnerabilities in LG mobile devices that could allow an attacker to install a
malicious app and abuse the lack of bind permissions in an LG service, elevate
its privileges, and allow an attacker to control the device, as well as allow a
remote attacker to delete or modify Short Message Service (SMS) messages. Source: https://www.helpnetsecurity.com/2016/05/31/vulnerabilities-lg-mobile-devices/

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"